Not what you are looking for? Ask the experts!
wpfgfx_v0400.dll Quarantined After 7/24 Windows 8.1 Updates
Product: Norton 360
OS Version: Windows 8.1
I discovered (purely by accident) that on 7/25, Norton 360 placed wpfgfx_v0400.dll in quarantine. I never got an onscreen alert about this detection. I just happened to check my quarantine, which I do from time to time so that I don't accidentally miss something.
The .dll is labeled as containing TROJAN.GEN.NP2. (See the first screen shot.) Since the detection came on the heals of a Windows Update, I suspected it could be a false positive.
An internet search didn't bring up any posts about this being a false positive in Norton 360, but I did find this thread about it being a false positive in Symantec Endpoint Protection: https://www.symantec.com/connect/forums/wpfgfxv0400dll-false-positive-se....
The .dll file name, detection, and detection location are the same on my machine as in this thread. (Second screen shot)
I rolled my machine back to a early July restore point to see if the file would show up again when I redid the Windows Updates. Sure enough, Norton made a second detection in the exact same location, but this time it did not quarantine the .dll file. (See the third screen shot.) I only see the original detection in my quarantine.
Safe Mode scans of my machine with both Norton 360 and Malwarebytes say my machine is clean, so my questions are these:
1. Can I be assured that this is in fact a false positive triggered by the 7/24 Windows 8.1 updates, and I'm not infected?
2. What should I do with the file currently in quarantine? Do I just delete it or does it need to be restored?